Re: pkgsrc packaging of base?

[David Kirchner <dpk@xxxxxxx>]

On 2/8/06, Paul Allen <pallen@xxxxxxxxxxxxxxxxxxxxxx> wrote:
> The defining feature of the base system in FreeBSD is a set
> of libraries whose versioning is considered as a set and where
> library number bumps are carefully planned with respect to
> changes.  Thus ensuring that it is relatively easy to run old
> binaries on new systems, and ensuring that you are usually
> free of upgrade hell--within the scope of the basesystem.
> (at least that is the goal....)
>
> Furthmore these library changes are carefully matched to
> changes in the sysctl's, ioctls, and syscalls.
>
> This is a golden bit of work that makes FreeBSD work well
> (and that Dragonfly has inherited).

It makes it work well right up until gzip or some other program ends
up with a security hole, and then you have to either manually patch it
(having no way to verify later if it was patched other than 'md5') or
upgrade the entire OS to -STABLE. Most modern OSs don't require that
much work for simple fixes. It'd be great if DragonFly followed suit.

Some things are going to be harder to manage, like the aforementioned
sysctl's, ioctl's, procfs, but if we just accept that some things
(libraries, etc) have to be kept in sync with the kernel package, then
I think we'll be OK.

Without packaging up the base system, updating a small amount of
servers (100 or so) becomes a very difficult task -- speaking from
personal experience and frustrating with the FreeBSD 'monolithic'
version system.

On 2/8/06, Steve Mynott <steve.mynott@xxxxxxxxx> wrote:
> Maybe its a little early in the life of DF pkgsrc to think of this,
> but has anyone considering hooking up the kernel/userland build
> process so that the kernel and userland binaries are under the binary
> package control of the pkgsrc pkg_* utilities?

It's probably going to be easier to do it now rather than later.